2919e700298b1126569619d724fd21f2_JaffaCakes118

General

Target

2919e700298b1126569619d724fd21f2_JaffaCakes118
Size

18KB
MD5

2919e700298b1126569619d724fd21f2
SHA1

08aa48b8b454199eeca89315ea5f0a36428e2aec
SHA256

d0430e9c40b88b4e175587d1963d717fa7bc30d4a9812a35809c4162aaaed5cd
SHA512

00fac32c5ce1593373e3c2ace90e0ae786fbe635421bbee824b24fe512a83b5a0415f643bfb8f0f39ad0b3d164a51cfd778df29600fab4ad69afc38c38d76ff6
SSDEEP

384:oe/7kucBFxuaAECB9G0W+y+6lGTY7uP7/Ar6TcjfYVUSkB/zotdNk5QcUAN:o+kucBFxjAECB9O+y+6lkmIYWITpSkBb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2919e700298b1126569619d724fd21f2_JaffaCakes118

Files

2919e700298b1126569619d724fd21f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ef2650c7c8d5d72d5f8036d347d4f92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchangeAdd
GetProcAddress
GetStartupInfoA
VirtualAlloc
InterlockedExchange
VirtualQuery
DosDateTimeToFileTime
GetTickCount
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetVersionExA
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
IsBadStringPtrA
GetComputerNameA
VirtualProtect

user32

GetWindowThreadProcessId
GetWindow
GetIconInfo
IsClipboardFormatAvailable
GetCursor
IsWindowUnicode
GetWindowTextA
IsCharUpperA
GetTopWindow
IsZoomed
IsIconic
GetGUIThreadInfo
GetParent
IsChild
IsMenu
GetWindowRgn
IsCharAlphaA
GetWindowDC

advapi32

InitializeSecurityDescriptor
GetUserNameA
RevertToSelf

msvcrt

_CIcosh
_CIacos
srand
_adjust_fdiv
malloc
_initterm
free
_memicmp
_memccpy
time
modf
floor
localeconv
_hypot
_pctype
_isctype
__mb_cur_max
ldexp
_errno
div
rand
_set_error_mode
_CIpow
_ultoa

gdi32

GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetBitmapDimensionEx
GdiGetBatchLimit

ole32

CoFileTimeNow
CoGetCurrentProcess

shell32

DuplicateIcon
ord64

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ef2650c7c8d5d72d5f8036d347d4f92

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 70KB - Virtual size: 70KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 70KB - Virtual size: 70KB

.reloc
Size: 3KB - Virtual size: 2KB